Posts tagged from

This Month in #SocialMedia: Updates from February 2015 by @thebigdebowski

February revealed numerous social media updates, particularly on Facebook and in terms of advertising. Which of these do you think will have the largest impact? Facebook Facebook introduced a new mobile app to help make it easier to manage ads on the go. Users can now create new ads or monitor existing ones, as well as edit ads, budgets, and schedules. Learn more: Facebook Introduces App For Managing Ads On The Go Facebook provided a rare glimpse into its philosophy for counting ad impressions, revealing that the company doesn’t believe ads should be charged for unless seen by a real […]

The post This Month in #SocialMedia: Updates from February 2015 by @thebigdebowski appeared first on Search Engine Journal.

View full post on Search Engine Journal

6 Tips From the Monty Python School of SEO

What kind of SEO takeaways can you get from classic Monty Python sketches?

View full post on Home – SearchEngineWatch

SMBs Benefit From New YP Local Search Feature

ypSearch delivers SMBs desktop and mobile search ads across Google, Yahoo, Bing, and YP.com.

View full post on Home – SearchEngineWatch

5 Steps to Driving More Calls From Mobile Search

Here are five ways to make the most out of mobile click-to-call opportunities and forge stronger customer connections.

View full post on Home – SearchEngineWatch

Hear From Pebble’s Eric Migicovsky At Wearable World Congress

Eric Migicovsky has done it again.

The Pebble Time, his newest smartwatch, has attracted a million dollars in preorders on Kickstarter … in 33 minutes.

See also: Meet The New Pebble Time—Though Getting One Will Take … Time

Why the hunger for a smartwatch that won’t ship until May? Because Migicovsky has shown how to build a fiercely loyal community around a new category of device.

That’s why I’ve invited him to be a keynote speaker at Wearable World Congress, the first big event ReadWrite is putting on with our new business partners, Wearable World.

Wearable World Congress takes place May 19-20 in our new home at the Palace of Fine Arts in San Francisco. It’s an incredibly inspiring venue, right next to the Presidio National Park and San Francisco Bay. 

It doesn’t hurt that Pebble is expecting to ship its Time smartwatch to backers in May. We’re hoping Migicovsky will be sporting one on stage.

There will be plenty of buzz about the Time and other smartwatches by then. We’re going to talk about far more than wearable devices at the event, though. The conversation will feature ReadWrite’s editors in conversation with some of the deepest thinkers in technology today, exploring what it will take to build the Internet of Things, how we’ll make sense of the flood of data connected devices create, and where these new technologies are taking us as a society.

How Pebble Made It

We’ll hear from Migicovsky on how he built on the original Pebble’s success to do it again with the Pebble Time. I’ll ask him about how he’s gone beyond hobbyists and tinkerers to sign up the likes of Mercedes-Benz and ESPN as Pebble developers. And he may offer a surprising take on the Apple Watch.

I can’t wait—and I expect you can’t either. So sign up now to get tickets for Wearable World Congress at a great price. ReadWrite readers can get $100 off our early-bird price of $499—just use the code READWRITE. (We’re just starting to announce all the great speakers we’ll have at the Congress, so this is a great chance to secure your tickets before they’re gone.)

For a teaser, here’s the talk Migicovsky and I had at last year’s ReadWriteMix:

View full post on ReadWrite

Superfish: How To Get Unhooked From Lenovo’s Dangerous Adware

Have a recent Lenovo laptop? You may also have been netted by Superfish, an insidious little ad-insertion program that sidesteps ordinary security measures in ways that could expose your personal or financial information to unsavory characters.

Where Superfish Swims And What It Eats

Superfish has been installed on select Lenovo computers since at least 2014, and does a number of nasty things. It can alter non-encrypted traffic—i.e., visits to all websites that aren’t protected by HTTPS encryption (that green padlock in Chrome)—by injecting JavaScript that displays affiliated ads on unsuspecting websites. That’s annoying because it cause problems on those sites, though it’s not necessarily dangerous.

But Superfish can also apparently spy on encrypted traffic, such as your visits to banking sites, email or social media. It does this by installing its own rogue root certificate in Windows. This allows the software to falsely represent itself as a trusted authority for every website you visit, even though its certificate has been self-signed and is controlled by SuperFish. Google security engineer Chris Palmer was the first to notice the implications.

See also: Why Google Wants To Padlock The Web

“This allows Superfish to intercept an encrypted SSL connection, decrypt it, then re-encrypt it again,” writes Errata Security CEO Robert Graham. As a result, Superfish is effectively conducting what security pros call a “man-in-the-middle attack,” in which a malicious party eavesdrops on supposedly trusted communications, and can even alter transmitted information on the fly. As a result, it could have access to your bank account, your email and other sensitive data.

Making matters worse, Superfish apparently does its spying in such spectacularly clumsy fashion that other hackers could also exploit affected users. Technically, Superfish uses the same private encryption key for each Lenovo machine. 

“This means that hackers at your local cafe WiFi hotspot, or the NSA eavesdropping on the Internet, can use that private key to likewise intercept all [encrypted] connections from Superfish users,” writes Graham, who cracked the cryptographic key and extracted the certificate.

Throwing Superfish Back

Although many virus scans flag Superfish as spyware, they don’t disable the rogue root certificate, which means your machine could still be vulnerable to hacking. Lenovo has listed models that may be affected, and says that it stopped preloading the adware in January and will not preload it in the future. (It has published instructions for removing the app, although they don’t include removing the malicious certificate.)

You can find out if your computer is infected using a test site created by Italian security consultant Filippo Valsorda at https://filippo.io/Badfish/, using either Chrome or Internet Explorer. (Firefox behaves a little differently.)

If you are affected, Valsorda’s cleanup instructions are the best place to start. To summarize:

  1. Uninstall Superfish via the Control Panel. Look for “Superfish Inc VisualDiscovery”
  2. Then it’s time to uninstall the certificate from Windows. First open the Windows certificate manager. You can search for “certmgr.msc,” right-click it and choose the option “Run as administrator”
  3. Click “Trusted Root Certificate Authorities” and select “Certificates”
  4. Scroll to the “Superfish, Inc.” certificate
  5. Right-click it and select “delete”

Valsorda also includes directions for deleting the certificate from Firefox, which might not be necessary. You can also check the site canibesuperphished.com to make sure your computer is no longer infected, although it’s a little counter-intuitive. If you get a certificate error message on loading the site, you’re safe.

Photo by OakleyOriginals

View full post on ReadWrite

How To Get Unhooked From Lenovo’s Dangerous Superfish Spyware

Have a recent Lenovo laptop? You may also have been netted by Superfish, an insidious little ad-insertion program that sidesteps ordinary security measures in ways that could expose your personal or financial information to unsavory characters.

Where Superfish Swims And What It Eats

Superfish has been installed on select Lenovo computers since at least 2014, and does a number of nasty things. It can alter non-encrypted traffic—i.e., visits to all websites that aren’t protected by HTTPS encryption (that green padlock in Chrome)—by injecting JavaScript that displays affiliated ads on unsuspecting websites. That’s annoying because it cause problems on those sites, though it’s not necessarily dangerous.

But Superfish can also apparently spy on encrypted traffic, such as your visits to banking sites, email or social media. It does this by installing its own rogue root certificate in Windows. This allows the software to falsely represent itself as a trusted authority for every website you visit, even though its certificate has been self-signed and is controlled by SuperFish. Google security engineer Chris Palmer was the first to notice the implications.

See also: Why Google Wants To Padlock The Web

“This allows Superfish to intercept an encrypted SSL connection, decrypt it, then re-encrypt it again,” writes Errata Security CEO Robert Graham. As a result, Superfish is effectively conducting what security pros call a “man-in-the-middle attack,” in which a malicious party eavesdrops on supposedly trusted communications, and can even alter transmitted information on the fly. As a result, it could have access to your bank account, your email and other sensitive data.

Making matters worse, Superfish apparently does its spying in such spectacularly clumsy fashion that other hackers could also exploit affected users. Technically, Superfish uses the same private encryption key for each Lenovo machine. 

“This means that hackers at your local cafe WiFi hotspot, or the NSA eavesdropping on the Internet, can use that private key to likewise intercept all [encrypted] connections from Superfish users,” writes Graham, who cracked the cryptographic key and extracted the certificate.

Throwing Superfish Back

Although many virus scans flag Superfish as spyware, they don’t disable the rogue root certificate, which means your machine could still be vulnerable to hacking. Lenovo has listed models that may be affected, and says that it stopped preloading the adware in January and will not preload it in the future. (It has published instructions for removing the app, although they don’t include removing the malicious certificate.)

You can find out if your computer is infected using a test site created by Italian security consultant Filippo Valsorda at https://filippo.io/Badfish/, using either Chrome or Internet Explorer. (Firefox behaves a little differently.)

If you are affected, Valsorda’s cleanup instructions are the best place to start. To summarize:

  1. Uninstall Superfish via the Control Panel. Look for “Superfish Inc VisualDiscovery”
  2. Then it’s time to uninstall the certificate from Windows. First open the Windows certificate manager. You can search for “certmgr.msc,” right-click it and choose the option “Run as administrator”
  3. Click “Trusted Root Certificate Authorities” and select “Certificates”
  4. Scroll to the “Superfish, Inc.” certificate
  5. Right-click it and select “delete”

Valsorda also includes directions for deleting the certificate from Firefox, which might not be necessary. You can also check the site canibesuperphished.com to make sure your computer is no longer infected, although it’s a little counter-intuitive. If you get a certificate error message on loading the site, you’re safe.

Photo by OakleyOriginals

View full post on ReadWrite

Bing Offers Link To Order Food Online From Your Favorite Restaurants

Now you can order your food online with Bing search. Just search for a restaurant that offers online ordering and click the order online button.

The post Bing Offers Link To Order Food Online From Your Favorite Restaurants appeared first on Search Engine Land.



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Google News Bug Drops Trending Topics From Side Bar Navigation

A Google bug breaks the Trending Topics feature in Google News. A fix is coming soon, says Google’s Stacie Chan.

The post Google News Bug Drops Trending Topics From Side Bar Navigation appeared first on Search Engine Land.



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

How to Use The Partner Gallery Feature From Google Analytics by @seocompanymiami

The Google Analytics Partner Gallery makes it easier to search for solutions to everyday problems.

The post How to Use The Partner Gallery Feature From Google Analytics by @seocompanymiami appeared first on Search Engine Journal.

View full post on Search Engine Journal

Go to Top
Copyright © 1992-2015, DC2NET All rights reserved